Comscore's Scorecard Research beacon (scorecardresearch.com) is one of the most widely deployed tracking pixels on the web. It is often bundled into ad network and video player integrations, meaning it arrives on sites without a deliberate deployment decision. Many site owners do not know it is present, have no consent condition for it, and have not reviewed what it collects or to whom that data flows.
Marketing and Analytics
Comscore is an audience measurement company whose Scorecard Research beacon collects page view, visitor, and behavioral data to power audience panel measurement, media ratings, and advertising verification products.
Trademark
Comscore is a trademark of Comscore, Inc.. Lokker is not affiliated with or endorsed by Comscore, Inc..
Risk and failure modes
Unlike most trackers that are deliberately deployed, the Comscore beacon commonly appears as a bundled dependency in ad network code, video players, or publisher toolkits. That origin means it typically lacks a consent category assignment and fires in all visitor states.
The Scorecard Research beacon is frequently included in ad serving libraries and video player SDKs. Site owners who deploy those libraries may be unaware they are also deploying Comscore audience measurement.
Because the beacon arrives as a bundled dependency, it typically lacks any consent category assignment in the active CMP. It fires for all visitors, including those who have rejected analytics or advertising tracking.
Data collected by the Scorecard Research beacon contributes to Comscore's audience panels, which are sold to media buyers and broadcasters as third-party measurement data. That downstream commercial use of visitor data needs to be covered by the site's consent framework.
Consent and configuration
The first step in addressing Comscore compliance is confirming the beacon is present. Many organizations are surprised to find it. Once identified, it needs to be assigned to an Analytics or Advertising consent category and blocked in the reject state through the CMP or tag manager.
Scorecardresearch.com requests should be confirmed through network-layer inspection, as the beacon may not appear in standard tag audits if it is bundled in a library.
Once identified, the beacon needs a consent category assignment and a blocking condition in the active CMP or tag manager.
If the beacon arrives through a third-party integration, that integration itself may need to be updated to support consent-conditional loading.
Regional compliance
Comscore's measurement activities are not exempt from GDPR or CCPA/CPRA because they serve audience research rather than direct advertising. The behavioral data collected by the Scorecard Research beacon is personal data under GDPR, and cross-site audience panel tracking requires a valid legal basis. The CPRA's definition of sale and sharing for cross-context behavioral advertising applies to data that flows to Comscore for commercial measurement purposes, and those flows require an active opt-out mechanism.
How Lokker helps
Lokker detects scorecardresearch.com requests across your properties, including when the beacon arrives through bundled third-party code, and validates whether it fires in consent states where it should not.
Consent Validator identifies Comscore beacon requests in pre-consent and reject states, providing evidence of firing that may not be visible in standard tag management audits.
Explore Consent ValidatorPrivacy Edge scans all your properties for scorecardresearch.com and related Comscore domains, surfacing deployments that site owners may not know are present and scoring them in the tracker risk category.
Explore Privacy EdgeExplore Lokker
Each product links to its full details so you can explore features, view a demo, and understand how it applies to your Comscore deployment.
Validation
Detects Comscore beacon firing in pre-consent and reject states, including when bundled in third-party libraries.
Explore Consent ValidatorIntelligence
Scans all properties for scorecardresearch.com and surfaces undiscovered Comscore deployments.
Explore Privacy EdgeMarketing and Analytics
Next step
Lokker runs automated browser-level consent flows and scans the network layer to confirm whether Comscore fires in states where it should not.